Remove Gitea's SSH as entrypoint/possible attackvector

This commit is contained in:
2020-09-08 08:59:30 +02:00
parent 6892ae9ef6
commit 51e42ce1f3
3 changed files with 6 additions and 29 deletions

View File

@ -7,10 +7,6 @@ spec:
- protocol: TCP
name: ui
port: 3000
- protocol: TCP
name: ssh
port: 22
targetPort: ssh
selector:
app: gitea
---
@ -45,8 +41,6 @@ spec:
ports:
- name: ui
containerPort: 3000
- name: ssh
containerPort: 22
volumeMounts:
- mountPath: /data
name: flexvolsmb-gitea-data
@ -81,20 +75,6 @@ spec:
middlewares:
- name: security-headers@file
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRouteTCP
metadata:
name: gitea
spec:
entryPoints:
- ssh
routes:
- match: HostSNI(`*`)
kind: Rule
services:
- name: gitea
port: 22
---
apiVersion: v1
kind: PersistentVolume
metadata: